{"id":901,"date":"2017-12-04T22:36:05","date_gmt":"2017-12-04T22:36:05","guid":{"rendered":"http:\/\/wiki.thomasandsofia.com\/?p=901"},"modified":"2018-01-27T00:15:54","modified_gmt":"2018-01-27T00:15:54","slug":"understanding-active-directory","status":"publish","type":"post","link":"https:\/\/wiki.thomasandsofia.com\/?p=901","title":{"rendered":"Understanding Active Directory"},"content":{"rendered":"<p>Lesson 1 of 6<\/p>\n<p><a href=\"https:\/\/mva.microsoft.com\/en-us\/training-courses\/understanding-active-directory-8233?l=aErw3QJy_6904984382\" target=\"_blank\" rel=\"noopener\">https:\/\/mva.microsoft.com\/en-us\/training-courses\/understanding-active-directory-8233?l=aErw3QJy_6904984382<\/a><\/p>\n<p><a href=\"http:\/\/wiki.thomasandsofia.com\/2017\/12\/05\/active-directory-domain-services\/\">Lesson 2 &gt;<\/a><\/p>\n<h1>Main Menu<\/h1>\n<ul>\n<li><a href=\"#intro\">Introduction to Active Directory<\/a><\/li>\n<li><a href=\"#ds\">Active Directory Domain Services (DS)<\/a><\/li>\n<li><a href=\"#cs\">Active Directory Certificate Services (CS)<\/a><\/li>\n<li><a href=\"#fs\">Active Directory Federation Services (FS)<\/a><\/li>\n<li><a href=\"#rms\">Active Directory Rights Management Services (RMS)<\/a><\/li>\n<li><a href=\"#lds\">Active Directory Lightweight Directory Services (LDS)<\/a><\/li>\n<\/ul>\n<h2>Introduction to Active Directory<\/h2>\n<p>Active directory is a portfolio of technologies used to manage Identity and access for, and to, resources on a network.<\/p>\n<ul>\n<li>AD Domain Services (AD DS)\n<ul>\n<li>Users, Computers and P0licies<\/li>\n<\/ul>\n<\/li>\n<li>AD Certificate Services (AD CS)\n<ul>\n<li>Service, Client, Server and User Identification<\/li>\n<li>Verification of Identification<\/li>\n<\/ul>\n<\/li>\n<li>AD Federation Services (AD FS)\n<ul>\n<li>Resource access across traditional boundaries<\/li>\n<li>Allowing of resources in one organization to accessed by security principles in another organization without needed traditional trust mechanisms<\/li>\n<\/ul>\n<\/li>\n<li>AD Rights Management Services (AD RMS)\n<ul>\n<li>Maintain security of data<\/li>\n<\/ul>\n<\/li>\n<li>AD Lightweight Directory Services (AD LDS)\n<ul>\n<li>Copy of the structure of AD services<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><a name=\"ds\"><\/a><\/p>\n<h2>What is Active Directory Domain Services<\/h2>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>A directory services is both the directory information source and the service that makes the information available and usable\n<ul>\n<li>Servers\n<ul>\n<li>Mgmt Profile<\/li>\n<li>Network Info<\/li>\n<li>Printers<\/li>\n<li>Shares<\/li>\n<\/ul>\n<\/li>\n<li>Users\n<ul>\n<li>Account Information<\/li>\n<li>Privileges<\/li>\n<li>Profiles<\/li>\n<li>Policies<\/li>\n<\/ul>\n<\/li>\n<li>Windows Clients\n<ul>\n<li>Mgmt Profiles<\/li>\n<li>Network Info<\/li>\n<li>Policies<\/li>\n<\/ul>\n<\/li>\n<li>Network Devices\n<ul>\n<li>Config<\/li>\n<li>QoS Policy<\/li>\n<li>Security Policy<\/li>\n<\/ul>\n<\/li>\n<li>Applications\n<ul>\n<li>Server Config<\/li>\n<li>SSO (Single Sign On)<\/li>\n<li>App-Specific Directory Info<\/li>\n<\/ul>\n<\/li>\n<li>Email Servers\n<ul>\n<li>Mailbox Information<\/li>\n<li>Address Book<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>A Phone Book<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>What does AD DS do<\/h3>\n<ul>\n<li>Scalable, secure and manageable infrastructure for user and resource management\n<ul>\n<li>Stores and manages information about network resources<\/li>\n<li>Provides support for directory enabled application such as Microsoft Exchange Server<\/li>\n<li>Allows for centralized management\n<ul>\n<li>Delegation of that management<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><a name=\"cd\"><\/a><\/p>\n<h2>What is Active Directory Certificate Services<\/h2>\n<p><a href=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/adcs.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-906\" src=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/adcs.png\" alt=\"\" width=\"843\" height=\"698\" srcset=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/adcs.png 843w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/adcs-300x248.png 300w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/adcs-768x636.png 768w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/adcs-150x124.png 150w\" sizes=\"auto, (max-width: 843px) 100vw, 843px\" \/><\/a><\/p>\n<ul>\n<li>Microsoft&#8217;s implementation of Public Key Infrastructure (PKI)\n<ul>\n<li>PKI is a set of hardware, software, people, policies and procedures needed to create, manage, distribute, use, store and revoke digital certificates.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>What does AD CS do?<\/h3>\n<ul>\n<li>AD CS provides customizable services for issuing and managing digital certificates\n<ul>\n<li>Certification Authorities<\/li>\n<li>CA Web Enrollment<\/li>\n<li>Online Responders<\/li>\n<li>Network Device Enrollment Services (NDES)<\/li>\n<li>Certificate Enrollment Web Service<\/li>\n<li>Certificate Enrollment Policy Web Service<\/li>\n<\/ul>\n<\/li>\n<li>Bottom line: &#8220;It issues and manages certificates&#8221;<\/li>\n<\/ul>\n<p><a name=\"fs\"><\/a><\/p>\n<h2>What is Active Directory Federation Services<\/h2>\n<p><a href=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/fs.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-908\" src=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/fs.png\" alt=\"\" width=\"1328\" height=\"736\" srcset=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/fs.png 1328w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/fs-300x166.png 300w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/fs-768x426.png 768w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/fs-1024x568.png 1024w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/fs-150x83.png 150w\" sizes=\"auto, (max-width: 1328px) 100vw, 1328px\" \/><\/a><\/p>\n<ul>\n<li>A software component that facilitates the cross-organizational access of systems and applications<\/li>\n<li>Allows an IT Administrator to either\n<ul>\n<li>Share my resources out to the world<\/li>\n<li>Let my users access information in someone else&#8217;s organization<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>What does AD FS do<\/h3>\n<ul>\n<li>The AD FS server role provides simplified, secured identity federation and Web Single Sign On capabilities\n<ul>\n<li>Enabled the creation of trust relationships between two organizations<\/li>\n<li>Provides access to applications between organizations<\/li>\n<li>Provides Single Sign On between two different directories for Web-based applications<\/li>\n<\/ul>\n<\/li>\n<li>Bottom Line: &#8220;Log in once and done&#8221;<\/li>\n<\/ul>\n<p><a name=\"rms\"><\/a><\/p>\n<h2>What is Active Directory Rights Management Services<\/h2>\n<p><a href=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/rms.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-909\" src=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/rms.png\" alt=\"\" width=\"1144\" height=\"773\" srcset=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/rms.png 1144w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/rms-300x203.png 300w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/rms-768x519.png 768w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/rms-1024x692.png 1024w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2017\/12\/rms-150x101.png 150w\" sizes=\"auto, (max-width: 1144px) 100vw, 1144px\" \/><\/a><\/p>\n<ul>\n<li>Active Directory Rights Management Services (AD RMS) is an information protection technology that works with applications to safeguard digital information.\n<ul>\n<li>Author creates content (word doc, email, etc)<\/li>\n<li>Author can protect that content using AD RMS aware applications (Word, Outlook) from allowing others to\n<ul>\n<li>Forward<\/li>\n<li>Print<\/li>\n<li>Share<\/li>\n<li>Etc.<\/li>\n<\/ul>\n<\/li>\n<li>These protections follow that document anywhere.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>What does AD RMS do<\/p>\n<ul>\n<li>Allows individuals and administrators to specify access permissions to documents, workbooks, presentations, emails, etc.\n<ul>\n<li>Prevent sensitive information from being printed, forwarded or copied by unauthorized people<\/li>\n<li>Access and usage restrictions are enforced no matter where the information is located.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><a name=\"lds\"><\/a><\/p>\n<h2>What is Active Directory Lightweight Directory Services<\/h2>\n<ul>\n<li>AS LDS is a hierarchical file-based directory store<\/li>\n<li>AD LDS is both the directory information source and the service that makes the information available and usable.\n<ul>\n<li>Similar to AD DS<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>What is AD LDS<\/p>\n<ul>\n<li>Lightweight Directory Access Protocol (LDAP)\n<ul>\n<li>Directory service that provides flexible support for directory-enabled applications, without the dependencies and domain-related restrictions of AD DS<\/li>\n<li>Provide directory services for directory-enabled applications without incurring the overhead of domains and forests<\/li>\n<li>No requirement for a single schema throughout a forest.<\/li>\n<\/ul>\n<\/li>\n<li>Bottom line: &#8220;It&#8217;s an Information Store&#8221;<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Lesson 1 of 6 https:\/\/mva.microsoft.com\/en-us\/training-courses\/understanding-active-directory-8233?l=aErw3QJy_6904984382 Lesson 2 &gt; Main Menu Introduction to Active Directory Active Directory Domain Services (DS) Active Directory Certificate Services (CS) Active Directory Federation Services (FS) Active Directory Rights Management Services (RMS) Active Directory Lightweight Directory Services (LDS) Introduction to Active Directory Active directory is a portfolio of technologies used to manage ..<\/p>\n<div class=\"clear-fix\"><\/div>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/?p=901\" title=\"read more...\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33,32],"tags":[],"class_list":["post-901","post","type-post","status-publish","format-standard","hentry","category-active-directory","category-windows"],"_links":{"self":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/901","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=901"}],"version-history":[{"count":6,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/901\/revisions"}],"predecessor-version":[{"id":1010,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/901\/revisions\/1010"}],"wp:attachment":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=901"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=901"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=901"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}